
Log analysis and evaluation: Windows Vista Service Pack 1: Websites show "Error: Server not found". Cause: virus ProgramData, Wprotectmanager, IePlugin


 
02.11.2014, 03:25   #1
nicole35
 



Hello everyone,

I have caught a virus on my Acer PC. I have the 32-bit Windows Vista operating system installed. Unfortunately it is still on Service Pack 1 so far, because installing Service Pack 2 never worked for me.

Fixing the device driver problems, which also show up in the log files, has not worked for quite a while either. That should have nothing to do with the virus, though. It never affected anything.

I noticed the virus the day before yesterday, because web pages suddenly kept failing to load in my Firefox browser. The error message reads: "Error: Server not found". After some research I noticed that there are hidden files on my laptop. All of the files are in the hidden folder "ProgramData". For example, files such as IePlugin, Wprotectmanager.exe, mcache..., etc. I had recently installed an update of PDF24.

Thank you very much for your help!

Finally, here are the log files from Defogger, FRST, Additions and Gmer.

Defogger:

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 01:35 on 02/11/2014 (*****)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
FRST:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-11-2014
Ran by ***** (administrator) on *****-PC on 02-11-2014 01:37:16
Running from C:\Users\*****\Desktop
Loaded Profile: ***** (Available profiles: *****)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
() C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Egis Technology Inc.) C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(CyberLink Corp.) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(CyberLink) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Egis Technology Inc.) C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [ArcadeDeluxeAgent] => C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [156968 2009-01-21] (CyberLink Corp.)
HKLM\...\Run: [CLMLServer] => C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [202024 2009-01-21] (CyberLink)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1069576 2009-06-25] (Dritek System Inc.)
HKLM\...\Run: [BackupManagerTray] => C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [249600 2009-04-11] (NewTech Infosystems, Inc.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [440864 2009-06-23] (Acer Incorporated)
HKLM\...\Run: [mwlDaemon] => C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [345384 2009-05-14] (Egis Technology Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-02-26] (Adobe Systems Incorporated)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [WrtMon.exe] => C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation)
HKLM\...\Run: [PMSpeed] => C:\Program Files\NewSoft\Presto! PageManager 9.03\PMSpeed.EXE [116632 2010-07-29] (NewSoft Technology Corporation)
HKLM\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [193568 2014-10-13] (Geek Software GmbH)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3732599129-3682975189-3366186057-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3732599129-3682975189-3366186057-1000\...\Run: [Scan Buttons] => C:\Program Files\NewSoft\Presto! PageManager 9.03\PMSB.EXE [214360 2011-01-21] (NewSoft Technology Corporation)
HKU\S-1-5-21-3732599129-3682975189-3366186057-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
IFEO\convert.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\eprojmanager.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\licensecheck.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\localhelp.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\localreadme.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\pmsb.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\presto.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\prestopm.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\rim.desktop.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Autochartist MT4 plugin - Auto Update.lnk
ShortcutTarget: Autochartist MT4 plugin - Auto Update.lnk -> C:\Users\*****\AppData\Roaming\MetaQuotes\Terminal\C6F461B6759AD85A998117E6C0DA893F\MQL4\AutochartistPlugin_AutoUpdaterGKFX.exe (Pantaray Research Ltd.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files\EgisTec\MyWinLocker 3\x86\psdprotect.dll (Egis Technology Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = h**p://global.acer.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - (No Name) - {79a2b609-bbc0-4d16-9925-70cb98a6490d} -  No File
SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = h**p://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = h**p://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F736F7572636569643D69653726713D7B7365617263685465726D737D26726C733D636F6D2E6D6963726F736F66743A7B6C616E67756167657D3A7B72656665727265723A736F757263653F7D2669653D7B696E707574456E636F64696E677D266F653D7B6F7574707574456E636F64696E677D26726C7A3D314937414341575F64654445333538&st={searchTerms}&clid=c4ad48f5-2e5b-459d-ad17-b3bc6a21b45e&pid=chipde&k=0
SearchScopes: HKCU - {0D0C3D16-C5A1-42C8-A494-2C892076179D} URL = h**p://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=c4ad48f5-2e5b-459d-ad17-b3bc6a21b45e&pid=chipde&mode=bounce&k=0
SearchScopes: HKCU - {550A0528-CDB3-46E8-B2C5-850CA42296B7} URL = h**p://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=c4ad48f5-2e5b-459d-ad17-b3bc6a21b45e&pid=chipde&mode=bounce&k=0
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = h**p://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F736F7572636569643D69653726713D7B7365617263685465726D737D26726C733D636F6D2E6D6963726F736F66743A7B6C616E67756167657D3A7B72656665727265723A736F757263653F7D2669653D7B696E707574456E636F64696E677D266F653D7B6F7574707574456E636F64696E677D26726C7A3D314937414341575F64654445333538&st={searchTerms}&clid=c4ad48f5-2e5b-459d-ad17-b3bc6a21b45e&pid=chipde&k=0
SearchScopes: HKCU - {7A041FE6-052F-4A95-89B8-5FEFBD86D084} URL = h**p://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=c4ad48f5-2e5b-459d-ad17-b3bc6a21b45e&pid=chipde&mode=bounce&k=0
SearchScopes: HKCU - {7DC5F3C0-2A61-4815-9041-C999E86CFD52} URL = h**p://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=c4ad48f5-2e5b-459d-ad17-b3bc6a21b45e&pid=chipde&mode=bounce&k=0
SearchScopes: HKCU - {970681EF-6DCC-4BFA-8EF4-9F1C60BEA797} URL = h**p://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=c4ad48f5-2e5b-459d-ad17-b3bc6a21b45e&pid=chipde&mode=bounce&k=0
SearchScopes: HKCU - {DCF5722D-B672-4285-849A-3248375F5F64} URL = h**p://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=c4ad48f5-2e5b-459d-ad17-b3bc6a21b45e&pid=chipde&mode=bounce&k=0
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} h**p://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} h**p://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} h**p://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} h**p://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default
FF DefaultSearchEngine: Search
FF SearchEngineOrder.1: foxsearch
FF SelectedSearchEngine: Search
FF Homepage: hxxp://www.google.de/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Users\*****\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\0316a598-4f67-41ba-a855-7523854f95e1.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\2c30d1f1-c97b-4044-b303-11eed66c55b2.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\c372c81f-2563-426e-95ac-81fd2fd5e2f7.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\{141CE7DC-6988-436B-A34C-BF738A0FD08C}.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\{2366B22D-77AC-4A2D-A472-682284219D1C}.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\{4944E26B-77EB-463C-8661-87CBEAEB03CF}.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\{5D53497C-F0B3-4A88-955B-6FB96861C86E}.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\{75D318BF-EE11-4407-B89F-5E8F1FEE2C3E}.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\{E170EF10-D6D5-49C5-AF3E-4B892F530C6A}.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: PageRank for Firefox - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\Extensions\pagerank@any-tech.ws.xpi [2014-07-18]
FF Extension: Youtube Downloader - Media Downloader - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\Extensions\paulsaintuzb@gmail.com.xpi [2014-09-20]
FF Extension: Easy Youtube Video Downloader Express - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2014-08-15]
FF Extension: Adblock Plus - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-03]
FF Extension: {d62af845-475d-4289-b5ef-73e14137091e} - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\Extensions\{d62af845-475d-4289-b5ef-73e14137091e}.xpi [2014-04-20]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE} [2014-10-31]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-12-20]

Chrome: 
=======
CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S4 BlackBerry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2013-02-06] (Research In Motion Limited) [File not signed]
R2 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [75048 2008-12-18] ()
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [707104 2009-06-23] (Acer Incorporated)
R2 MWLService; C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-05-14] (Egis Technology Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [61184 2009-04-11] (NewTech Infosystems, Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1731896 2014-01-28] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [19504 2008-12-04] (Egis Incorporated.)
R1 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16432 2008-12-04] (Egis Incorporated.)
R1 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [59952 2008-12-04] (Egis Incorporated.)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software)
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 k57nd60x; system32\DRIVERS\k57nd60x.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 RTHDMIAzAudService; system32\drivers\RtHDMIV.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-02 01:37 - 2014-11-02 01:37 - 00018614 _____ () C:\Users\*****\Desktop\FRST.txt
2014-11-02 01:37 - 2014-11-02 01:37 - 00000000 ____D () C:\FRST
2014-11-02 01:36 - 2014-11-02 01:36 - 01105920 _____ (Farbar) C:\Users\*****\Desktop\FRST.exe
2014-11-02 01:35 - 2014-11-02 01:35 - 00000474 _____ () C:\Users\*****\Desktop\defogger_disable.log
2014-11-02 01:34 - 2014-11-02 01:34 - 00050477 _____ () C:\Users\*****\Desktop\Defogger.exe
2014-11-01 22:52 - 2014-11-01 22:52 - 00017060 _____ () C:\Windows\system32\CCCInstall_201411012252280912.log
2014-11-01 19:36 - 2014-11-01 19:36 - 00000000 _____ () C:\Users\*****\defogger_reenable
2014-11-01 16:20 - 2014-11-01 16:20 - 00000000 ____D () C:\Windows\system32\IO
2014-11-01 16:14 - 2014-11-01 16:14 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Opera
2014-11-01 16:14 - 2011-05-13 14:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\system32\dhRichClient3.dll
2014-11-01 16:14 - 2011-03-25 22:42 - 00338432 _____ () C:\Windows\system32\sqlite36_engine.dll
2014-11-01 11:41 - 2014-11-01 11:41 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-10-31 16:53 - 2014-10-31 16:54 - 00017920 _____ () C:\Users\*****\Desktop\Performance_Ayondo.xls
2014-10-31 10:26 - 2014-10-31 10:26 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-28 12:30 - 2014-10-28 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2014-10-22 00:24 - 2014-10-22 00:24 - 00000000 ____D () C:\Users\*****\AppData\Roaming\CFXStorage
2014-10-21 19:16 - 2014-10-31 16:19 - 00015360 _____ () C:\Users\*****\Desktop\Trading_Targets.xls
2014-10-14 17:19 - 2014-06-20 08:46 - 00124416 _____ (FXBlue) C:\Windows\system32\FXBlueExcelRTD.dll
2014-10-14 16:45 - 2014-10-14 16:45 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autochartist GKFX Plugin

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-02 01:34 - 2009-08-04 16:58 - 01473183 _____ () C:\Windows\WindowsUpdate.log
2014-11-02 01:00 - 2012-04-09 11:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-02 00:56 - 2006-11-02 11:33 - 00005556 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-02 00:50 - 2010-11-20 20:59 - 00007160 _____ () C:\Users\*****\AppData\Local\d3d9caps.dat
2014-11-02 00:50 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-02 00:50 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-02 00:50 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-02 00:48 - 2006-11-02 14:01 - 00032540 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-02 00:09 - 2012-01-05 22:20 - 00000000 ____D () C:\temp
2014-11-02 00:04 - 2009-10-23 19:35 - 00000000 ____D () C:\Users\*****
2014-11-01 23:18 - 2013-08-15 19:47 - 00450086 _____ () C:\Windows\PFRO.log
2014-11-01 23:10 - 2010-12-21 18:50 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-11-01 23:00 - 2012-02-11 20:01 - 00000452 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{7B863DBE-0A34-4BF7-9569-2545848ECC9B}.job
2014-11-01 22:46 - 2014-08-20 10:29 - 00000000 ____D () C:\Users\*****\AppData\Local\Adobe
2014-11-01 19:22 - 2012-12-21 16:19 - 00000000 ____D () C:\Users\*****\Desktop\Musicbox -2-
2014-11-01 16:17 - 2010-02-22 20:37 - 00000000 ____D () C:\Users\*****\AppData\Local\CrashDumps
2014-11-01 16:14 - 2009-02-11 21:16 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-11-01 15:48 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\registration
2014-11-01 15:20 - 2013-02-13 22:24 - 00000000 ____D () C:\Windows\Minidump
2014-10-31 21:23 - 2014-06-13 15:02 - 00000000 ____D () C:\Program Files\Satellite Direct
2014-10-31 19:17 - 2012-05-04 21:47 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-10-31 17:13 - 2014-07-20 00:10 - 00000000 ____D () C:\Program Files\Compuware
2014-10-28 12:30 - 2010-12-11 01:00 - 00000000 ____D () C:\Program Files\PDF24
2014-10-28 06:35 - 2010-12-21 18:42 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-25 21:16 - 2006-11-02 12:18 - 00000000 ___RD () C:\Users\Public
2014-10-22 08:59 - 2012-04-09 11:05 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-10-22 08:59 - 2011-05-21 17:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-10-21 23:56 - 2014-04-13 18:42 - 00000000 ____D () C:\Program Files\GKFX FX - CFDs
2014-10-21 07:38 - 2014-04-13 18:43 - 03605864 _____ (MetaQuotes Software Corp.) C:\Windows\system32\MetaViewer.dll
2014-10-19 21:45 - 2014-05-27 16:15 - 00000000 ____D () C:\Users\*****\AppData\Roaming\FileZilla
2014-10-19 21:44 - 2014-07-05 19:18 - 00000000 ____D () C:\Users\*****\Desktop\Website_Affiliate_Infoakademie
2014-10-17 17:01 - 2013-07-13 22:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-17 16:57 - 2006-11-02 11:24 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-10-04 11:56 - 2013-10-20 18:07 - 00007087 _____ () C:\Windows\setupact.log

Some content of TEMP:
====================
C:\Users\*****\AppData\Local\Temp\expertpdf_v4_softonic_deu.exe
C:\Users\*****\AppData\Local\Temp\Quarantine.exe
C:\Users\*****\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-02 00:58

==================== End Of Log ============================
         
Additions:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-11-2014
Ran by ***** (administrator) on *****-PC on 02-11-2014 01:37:16
Running from C:\Users\*****\Desktop
Loaded Profile: ***** (Available profiles: *****)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
() C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Egis Technology Inc.) C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(CyberLink Corp.) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(CyberLink) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Egis Technology Inc.) C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [ArcadeDeluxeAgent] => C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [156968 2009-01-21] (CyberLink Corp.)
HKLM\...\Run: [CLMLServer] => C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [202024 2009-01-21] (CyberLink)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1069576 2009-06-25] (Dritek System Inc.)
HKLM\...\Run: [BackupManagerTray] => C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [249600 2009-04-11] (NewTech Infosystems, Inc.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [440864 2009-06-23] (Acer Incorporated)
HKLM\...\Run: [mwlDaemon] => C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [345384 2009-05-14] (Egis Technology Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-02-26] (Adobe Systems Incorporated)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [WrtMon.exe] => C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation)
HKLM\...\Run: [PMSpeed] => C:\Program Files\NewSoft\Presto! PageManager 9.03\PMSpeed.EXE [116632 2010-07-29] (NewSoft Technology Corporation)
HKLM\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [193568 2014-10-13] (Geek Software GmbH)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3732599129-3682975189-3366186057-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3732599129-3682975189-3366186057-1000\...\Run: [Scan Buttons] => C:\Program Files\NewSoft\Presto! PageManager 9.03\PMSB.EXE [214360 2011-01-21] (NewSoft Technology Corporation)
HKU\S-1-5-21-3732599129-3682975189-3366186057-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
IFEO\convert.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\eprojmanager.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\licensecheck.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\localhelp.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\localreadme.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\pmsb.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\presto.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\prestopm.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\rim.desktop.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Autochartist MT4 plugin - Auto Update.lnk
ShortcutTarget: Autochartist MT4 plugin - Auto Update.lnk -> C:\Users\*****\AppData\Roaming\MetaQuotes\Terminal\C6F461B6759AD85A998117E6C0DA893F\MQL4\AutochartistPlugin_AutoUpdaterGKFX.exe (Pantaray Research Ltd.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files\EgisTec\MyWinLocker 3\x86\psdprotect.dll (Egis Technology Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = h**p://global.acer.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - (No Name) - {79a2b609-bbc0-4d16-9925-70cb98a6490d} -  No File
SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = h**p://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = h**p://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F736F7572636569643D69653726713D7B7365617263685465726D737D26726C733D636F6D2E6D6963726F736F66743A7B6C616E67756167657D3A7B72656665727265723A736F757263653F7D2669653D7B696E707574456E636F64696E677D266F653D7B6F7574707574456E636F64696E677D26726C7A3D314937414341575F64654445333538&st={searchTerms}&clid=c4ad48f5-2e5b-459d-ad17-b3bc6a21b45e&pid=chipde&k=0
SearchScopes: HKCU - {0D0C3D16-C5A1-42C8-A494-2C892076179D} URL = h**p://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=c4ad48f5-2e5b-459d-ad17-b3bc6a21b45e&pid=chipde&mode=bounce&k=0
SearchScopes: HKCU - {550A0528-CDB3-46E8-B2C5-850CA42296B7} URL = h**p://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=c4ad48f5-2e5b-459d-ad17-b3bc6a21b45e&pid=chipde&mode=bounce&k=0
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = h**p://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F736F7572636569643D69653726713D7B7365617263685465726D737D26726C733D636F6D2E6D6963726F736F66743A7B6C616E67756167657D3A7B72656665727265723A736F757263653F7D2669653D7B696E707574456E636F64696E677D266F653D7B6F7574707574456E636F64696E677D26726C7A3D314937414341575F64654445333538&st={searchTerms}&clid=c4ad48f5-2e5b-459d-ad17-b3bc6a21b45e&pid=chipde&k=0
SearchScopes: HKCU - {7A041FE6-052F-4A95-89B8-5FEFBD86D084} URL = h**p://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=c4ad48f5-2e5b-459d-ad17-b3bc6a21b45e&pid=chipde&mode=bounce&k=0
SearchScopes: HKCU - {7DC5F3C0-2A61-4815-9041-C999E86CFD52} URL = h**p://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=c4ad48f5-2e5b-459d-ad17-b3bc6a21b45e&pid=chipde&mode=bounce&k=0
SearchScopes: HKCU - {970681EF-6DCC-4BFA-8EF4-9F1C60BEA797} URL = h**p://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=c4ad48f5-2e5b-459d-ad17-b3bc6a21b45e&pid=chipde&mode=bounce&k=0
SearchScopes: HKCU - {DCF5722D-B672-4285-849A-3248375F5F64} URL = h**p://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=c4ad48f5-2e5b-459d-ad17-b3bc6a21b45e&pid=chipde&mode=bounce&k=0
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} h**p://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} h**p://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} h**p://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} h**p://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default
FF DefaultSearchEngine: Search
FF SearchEngineOrder.1: foxsearch
FF SelectedSearchEngine: Search
FF Homepage: hxxp://www.google.de/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Users\*****\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\0316a598-4f67-41ba-a855-7523854f95e1.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\2c30d1f1-c97b-4044-b303-11eed66c55b2.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\c372c81f-2563-426e-95ac-81fd2fd5e2f7.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\{141CE7DC-6988-436B-A34C-BF738A0FD08C}.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\{2366B22D-77AC-4A2D-A472-682284219D1C}.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\{4944E26B-77EB-463C-8661-87CBEAEB03CF}.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\{5D53497C-F0B3-4A88-955B-6FB96861C86E}.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\{75D318BF-EE11-4407-B89F-5E8F1FEE2C3E}.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\{E170EF10-D6D5-49C5-AF3E-4B892F530C6A}.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: PageRank for Firefox - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\Extensions\pagerank@any-tech.ws.xpi [2014-07-18]
FF Extension: Youtube Downloader - Media Downloader - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\Extensions\paulsaintuzb@gmail.com.xpi [2014-09-20]
FF Extension: Easy Youtube Video Downloader Express - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2014-08-15]
FF Extension: Adblock Plus - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-03]
FF Extension: {d62af845-475d-4289-b5ef-73e14137091e} - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\Extensions\{d62af845-475d-4289-b5ef-73e14137091e}.xpi [2014-04-20]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE} [2014-10-31]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-12-20]

Chrome: 
=======
CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S4 BlackBerry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2013-02-06] (Research In Motion Limited) [File not signed]
R2 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [75048 2008-12-18] ()
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [707104 2009-06-23] (Acer Incorporated)
R2 MWLService; C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-05-14] (Egis Technology Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [61184 2009-04-11] (NewTech Infosystems, Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1731896 2014-01-28] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [19504 2008-12-04] (Egis Incorporated.)
R1 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16432 2008-12-04] (Egis Incorporated.)
R1 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [59952 2008-12-04] (Egis Incorporated.)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software)
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 k57nd60x; system32\DRIVERS\k57nd60x.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 RTHDMIAzAudService; system32\drivers\RtHDMIV.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-02 01:37 - 2014-11-02 01:37 - 00018614 _____ () C:\Users\*****\Desktop\FRST.txt
2014-11-02 01:37 - 2014-11-02 01:37 - 00000000 ____D () C:\FRST
2014-11-02 01:36 - 2014-11-02 01:36 - 01105920 _____ (Farbar) C:\Users\*****\Desktop\FRST.exe
2014-11-02 01:35 - 2014-11-02 01:35 - 00000474 _____ () C:\Users\*****\Desktop\defogger_disable.log
2014-11-02 01:34 - 2014-11-02 01:34 - 00050477 _____ () C:\Users\*****\Desktop\Defogger.exe
2014-11-01 22:52 - 2014-11-01 22:52 - 00017060 _____ () C:\Windows\system32\CCCInstall_201411012252280912.log
2014-11-01 19:36 - 2014-11-01 19:36 - 00000000 _____ () C:\Users\*****\defogger_reenable
2014-11-01 16:20 - 2014-11-01 16:20 - 00000000 ____D () C:\Windows\system32\IO
2014-11-01 16:14 - 2014-11-01 16:14 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Opera
2014-11-01 16:14 - 2011-05-13 14:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\system32\dhRichClient3.dll
2014-11-01 16:14 - 2011-03-25 22:42 - 00338432 _____ () C:\Windows\system32\sqlite36_engine.dll
2014-11-01 11:41 - 2014-11-01 11:41 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-10-31 16:53 - 2014-10-31 16:54 - 00017920 _____ () C:\Users\*****\Desktop\Performance_Ayondo.xls
2014-10-31 10:26 - 2014-10-31 10:26 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-28 12:30 - 2014-10-28 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2014-10-22 00:24 - 2014-10-22 00:24 - 00000000 ____D () C:\Users\*****\AppData\Roaming\CFXStorage
2014-10-21 19:16 - 2014-10-31 16:19 - 00015360 _____ () C:\Users\*****\Desktop\Trading_Targets.xls
2014-10-14 17:19 - 2014-06-20 08:46 - 00124416 _____ (FXBlue) C:\Windows\system32\FXBlueExcelRTD.dll
2014-10-14 16:45 - 2014-10-14 16:45 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autochartist GKFX Plugin

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-02 01:34 - 2009-08-04 16:58 - 01473183 _____ () C:\Windows\WindowsUpdate.log
2014-11-02 01:00 - 2012-04-09 11:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-02 00:56 - 2006-11-02 11:33 - 00005556 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-02 00:50 - 2010-11-20 20:59 - 00007160 _____ () C:\Users\*****\AppData\Local\d3d9caps.dat
2014-11-02 00:50 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-02 00:50 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-02 00:50 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-02 00:48 - 2006-11-02 14:01 - 00032540 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-02 00:09 - 2012-01-05 22:20 - 00000000 ____D () C:\temp
2014-11-02 00:04 - 2009-10-23 19:35 - 00000000 ____D () C:\Users\*****
2014-11-01 23:18 - 2013-08-15 19:47 - 00450086 _____ () C:\Windows\PFRO.log
2014-11-01 23:10 - 2010-12-21 18:50 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-11-01 23:00 - 2012-02-11 20:01 - 00000452 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{7B863DBE-0A34-4BF7-9569-2545848ECC9B}.job
2014-11-01 22:46 - 2014-08-20 10:29 - 00000000 ____D () C:\Users\*****\AppData\Local\Adobe
2014-11-01 19:22 - 2012-12-21 16:19 - 00000000 ____D () C:\Users\*****\Desktop\Musicbox -2-
2014-11-01 16:17 - 2010-02-22 20:37 - 00000000 ____D () C:\Users\*****\AppData\Local\CrashDumps
2014-11-01 16:14 - 2009-02-11 21:16 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-11-01 15:48 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\registration
2014-11-01 15:20 - 2013-02-13 22:24 - 00000000 ____D () C:\Windows\Minidump
2014-10-31 21:23 - 2014-06-13 15:02 - 00000000 ____D () C:\Program Files\Satellite Direct
2014-10-31 19:17 - 2012-05-04 21:47 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-10-31 17:13 - 2014-07-20 00:10 - 00000000 ____D () C:\Program Files\Compuware
2014-10-28 12:30 - 2010-12-11 01:00 - 00000000 ____D () C:\Program Files\PDF24
2014-10-28 06:35 - 2010-12-21 18:42 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-25 21:16 - 2006-11-02 12:18 - 00000000 ___RD () C:\Users\Public
2014-10-22 08:59 - 2012-04-09 11:05 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-10-22 08:59 - 2011-05-21 17:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-10-21 23:56 - 2014-04-13 18:42 - 00000000 ____D () C:\Program Files\GKFX FX - CFDs
2014-10-21 07:38 - 2014-04-13 18:43 - 03605864 _____ (MetaQuotes Software Corp.) C:\Windows\system32\MetaViewer.dll
2014-10-19 21:45 - 2014-05-27 16:15 - 00000000 ____D () C:\Users\*****\AppData\Roaming\FileZilla
2014-10-19 21:44 - 2014-07-05 19:18 - 00000000 ____D () C:\Users\*****\Desktop\Website_Affiliate_Infoakademie
2014-10-17 17:01 - 2013-07-13 22:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-17 16:57 - 2006-11-02 11:24 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-10-04 11:56 - 2013-10-20 18:07 - 00007087 _____ () C:\Windows\setupact.log

Some content of TEMP:
====================
C:\Users\*****\AppData\Local\Temp\expertpdf_v4_softonic_deu.exe
C:\Users\*****\AppData\Local\Temp\Quarantine.exe
C:\Users\*****\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-02 00:58

==================== End Of Log ============================
         
Gmer:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-11-2014
Ran by ***** (administrator) on *****-PC on 02-11-2014 01:37:16
Running from C:\Users\*****\Desktop
Loaded Profile: ***** (Available profiles: *****)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
() C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Egis Technology Inc.) C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(CyberLink Corp.) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(CyberLink) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Egis Technology Inc.) C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [ArcadeDeluxeAgent] => C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [156968 2009-01-21] (CyberLink Corp.)
HKLM\...\Run: [CLMLServer] => C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [202024 2009-01-21] (CyberLink)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1069576 2009-06-25] (Dritek System Inc.)
HKLM\...\Run: [BackupManagerTray] => C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [249600 2009-04-11] (NewTech Infosystems, Inc.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [440864 2009-06-23] (Acer Incorporated)
HKLM\...\Run: [mwlDaemon] => C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [345384 2009-05-14] (Egis Technology Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-02-26] (Adobe Systems Incorporated)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [WrtMon.exe] => C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation)
HKLM\...\Run: [PMSpeed] => C:\Program Files\NewSoft\Presto! PageManager 9.03\PMSpeed.EXE [116632 2010-07-29] (NewSoft Technology Corporation)
HKLM\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [193568 2014-10-13] (Geek Software GmbH)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3732599129-3682975189-3366186057-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3732599129-3682975189-3366186057-1000\...\Run: [Scan Buttons] => C:\Program Files\NewSoft\Presto! PageManager 9.03\PMSB.EXE [214360 2011-01-21] (NewSoft Technology Corporation)
HKU\S-1-5-21-3732599129-3682975189-3366186057-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
IFEO\convert.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\eprojmanager.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\licensecheck.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\localhelp.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\localreadme.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\pmsb.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\presto.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\prestopm.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\rim.desktop.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Autochartist MT4 plugin - Auto Update.lnk
ShortcutTarget: Autochartist MT4 plugin - Auto Update.lnk -> C:\Users\*****\AppData\Roaming\MetaQuotes\Terminal\C6F461B6759AD85A998117E6C0DA893F\MQL4\AutochartistPlugin_AutoUpdaterGKFX.exe (Pantaray Research Ltd.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files\EgisTec\MyWinLocker 3\x86\psdprotect.dll (Egis Technology Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = h**p://global.acer.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - (No Name) - {79a2b609-bbc0-4d16-9925-70cb98a6490d} -  No File
SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = h**p://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = h**p://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F736F7572636569643D69653726713D7B7365617263685465726D737D26726C733D636F6D2E6D6963726F736F66743A7B6C616E67756167657D3A7B72656665727265723A736F757263653F7D2669653D7B696E707574456E636F64696E677D266F653D7B6F7574707574456E636F64696E677D26726C7A3D314937414341575F64654445333538&st={searchTerms}&clid=c4ad48f5-2e5b-459d-ad17-b3bc6a21b45e&pid=chipde&k=0
SearchScopes: HKCU - {0D0C3D16-C5A1-42C8-A494-2C892076179D} URL = h**p://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=c4ad48f5-2e5b-459d-ad17-b3bc6a21b45e&pid=chipde&mode=bounce&k=0
SearchScopes: HKCU - {550A0528-CDB3-46E8-B2C5-850CA42296B7} URL = h**p://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=c4ad48f5-2e5b-459d-ad17-b3bc6a21b45e&pid=chipde&mode=bounce&k=0
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = h**p://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F736F7572636569643D69653726713D7B7365617263685465726D737D26726C733D636F6D2E6D6963726F736F66743A7B6C616E67756167657D3A7B72656665727265723A736F757263653F7D2669653D7B696E707574456E636F64696E677D266F653D7B6F7574707574456E636F64696E677D26726C7A3D314937414341575F64654445333538&st={searchTerms}&clid=c4ad48f5-2e5b-459d-ad17-b3bc6a21b45e&pid=chipde&k=0
SearchScopes: HKCU - {7A041FE6-052F-4A95-89B8-5FEFBD86D084} URL = h**p://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=c4ad48f5-2e5b-459d-ad17-b3bc6a21b45e&pid=chipde&mode=bounce&k=0
SearchScopes: HKCU - {7DC5F3C0-2A61-4815-9041-C999E86CFD52} URL = h**p://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=c4ad48f5-2e5b-459d-ad17-b3bc6a21b45e&pid=chipde&mode=bounce&k=0
SearchScopes: HKCU - {970681EF-6DCC-4BFA-8EF4-9F1C60BEA797} URL = h**p://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=c4ad48f5-2e5b-459d-ad17-b3bc6a21b45e&pid=chipde&mode=bounce&k=0
SearchScopes: HKCU - {DCF5722D-B672-4285-849A-3248375F5F64} URL = h**p://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=c4ad48f5-2e5b-459d-ad17-b3bc6a21b45e&pid=chipde&mode=bounce&k=0
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} h**p://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} h**p://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} h**p://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} h**p://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default
FF DefaultSearchEngine: Search
FF SearchEngineOrder.1: foxsearch
FF SelectedSearchEngine: Search
FF Homepage: hxxp://www.google.de/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Users\*****\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\0316a598-4f67-41ba-a855-7523854f95e1.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\2c30d1f1-c97b-4044-b303-11eed66c55b2.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\c372c81f-2563-426e-95ac-81fd2fd5e2f7.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\{141CE7DC-6988-436B-A34C-BF738A0FD08C}.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\{2366B22D-77AC-4A2D-A472-682284219D1C}.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\{4944E26B-77EB-463C-8661-87CBEAEB03CF}.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\{5D53497C-F0B3-4A88-955B-6FB96861C86E}.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\{75D318BF-EE11-4407-B89F-5E8F1FEE2C3E}.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\searchplugins\{E170EF10-D6D5-49C5-AF3E-4B892F530C6A}.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: PageRank for Firefox - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\Extensions\pagerank@any-tech.ws.xpi [2014-07-18]
FF Extension: Youtube Downloader - Media Downloader - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\Extensions\paulsaintuzb@gmail.com.xpi [2014-09-20]
FF Extension: Easy Youtube Video Downloader Express - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2014-08-15]
FF Extension: Adblock Plus - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-03]
FF Extension: {d62af845-475d-4289-b5ef-73e14137091e} - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lmtasn4t.default\Extensions\{d62af845-475d-4289-b5ef-73e14137091e}.xpi [2014-04-20]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE} [2014-10-31]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-12-20]

Chrome: 
=======
CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S4 BlackBerry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2013-02-06] (Research In Motion Limited) [File not signed]
R2 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [75048 2008-12-18] ()
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [707104 2009-06-23] (Acer Incorporated)
R2 MWLService; C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-05-14] (Egis Technology Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [61184 2009-04-11] (NewTech Infosystems, Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1731896 2014-01-28] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [19504 2008-12-04] (Egis Incorporated.)
R1 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16432 2008-12-04] (Egis Incorporated.)
R1 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [59952 2008-12-04] (Egis Incorporated.)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software)
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 k57nd60x; system32\DRIVERS\k57nd60x.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 RTHDMIAzAudService; system32\drivers\RtHDMIV.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-02 01:37 - 2014-11-02 01:37 - 00018614 _____ () C:\Users\*****\Desktop\FRST.txt
2014-11-02 01:37 - 2014-11-02 01:37 - 00000000 ____D () C:\FRST
2014-11-02 01:36 - 2014-11-02 01:36 - 01105920 _____ (Farbar) C:\Users\*****\Desktop\FRST.exe
2014-11-02 01:35 - 2014-11-02 01:35 - 00000474 _____ () C:\Users\*****\Desktop\defogger_disable.log
2014-11-02 01:34 - 2014-11-02 01:34 - 00050477 _____ () C:\Users\*****\Desktop\Defogger.exe
2014-11-01 22:52 - 2014-11-01 22:52 - 00017060 _____ () C:\Windows\system32\CCCInstall_201411012252280912.log
2014-11-01 19:36 - 2014-11-01 19:36 - 00000000 _____ () C:\Users\*****\defogger_reenable
2014-11-01 16:20 - 2014-11-01 16:20 - 00000000 ____D () C:\Windows\system32\IO
2014-11-01 16:14 - 2014-11-01 16:14 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Opera
2014-11-01 16:14 - 2011-05-13 14:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\system32\dhRichClient3.dll
2014-11-01 16:14 - 2011-03-25 22:42 - 00338432 _____ () C:\Windows\system32\sqlite36_engine.dll
2014-11-01 11:41 - 2014-11-01 11:41 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-10-31 16:53 - 2014-10-31 16:54 - 00017920 _____ () C:\Users\*****\Desktop\Performance_Ayondo.xls
2014-10-31 10:26 - 2014-10-31 10:26 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-28 12:30 - 2014-10-28 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2014-10-22 00:24 - 2014-10-22 00:24 - 00000000 ____D () C:\Users\*****\AppData\Roaming\CFXStorage
2014-10-21 19:16 - 2014-10-31 16:19 - 00015360 _____ () C:\Users\*****\Desktop\Trading_Targets.xls
2014-10-14 17:19 - 2014-06-20 08:46 - 00124416 _____ (FXBlue) C:\Windows\system32\FXBlueExcelRTD.dll
2014-10-14 16:45 - 2014-10-14 16:45 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autochartist GKFX Plugin

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-02 01:34 - 2009-08-04 16:58 - 01473183 _____ () C:\Windows\WindowsUpdate.log
2014-11-02 01:00 - 2012-04-09 11:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-02 00:56 - 2006-11-02 11:33 - 00005556 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-02 00:50 - 2010-11-20 20:59 - 00007160 _____ () C:\Users\*****\AppData\Local\d3d9caps.dat
2014-11-02 00:50 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-02 00:50 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-02 00:50 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-02 00:48 - 2006-11-02 14:01 - 00032540 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-02 00:09 - 2012-01-05 22:20 - 00000000 ____D () C:\temp
2014-11-02 00:04 - 2009-10-23 19:35 - 00000000 ____D () C:\Users\*****
2014-11-01 23:18 - 2013-08-15 19:47 - 00450086 _____ () C:\Windows\PFRO.log
2014-11-01 23:10 - 2010-12-21 18:50 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-11-01 23:00 - 2012-02-11 20:01 - 00000452 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{7B863DBE-0A34-4BF7-9569-2545848ECC9B}.job
2014-11-01 22:46 - 2014-08-20 10:29 - 00000000 ____D () C:\Users\*****\AppData\Local\Adobe
2014-11-01 19:22 - 2012-12-21 16:19 - 00000000 ____D () C:\Users\*****\Desktop\Musicbox -2-
2014-11-01 16:17 - 2010-02-22 20:37 - 00000000 ____D () C:\Users\*****\AppData\Local\CrashDumps
2014-11-01 16:14 - 2009-02-11 21:16 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-11-01 15:48 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\registration
2014-11-01 15:20 - 2013-02-13 22:24 - 00000000 ____D () C:\Windows\Minidump
2014-10-31 21:23 - 2014-06-13 15:02 - 00000000 ____D () C:\Program Files\Satellite Direct
2014-10-31 19:17 - 2012-05-04 21:47 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-10-31 17:13 - 2014-07-20 00:10 - 00000000 ____D () C:\Program Files\Compuware
2014-10-28 12:30 - 2010-12-11 01:00 - 00000000 ____D () C:\Program Files\PDF24
2014-10-28 06:35 - 2010-12-21 18:42 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-25 21:16 - 2006-11-02 12:18 - 00000000 ___RD () C:\Users\Public
2014-10-22 08:59 - 2012-04-09 11:05 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-10-22 08:59 - 2011-05-21 17:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-10-21 23:56 - 2014-04-13 18:42 - 00000000 ____D () C:\Program Files\GKFX FX - CFDs
2014-10-21 07:38 - 2014-04-13 18:43 - 03605864 _____ (MetaQuotes Software Corp.) C:\Windows\system32\MetaViewer.dll
2014-10-19 21:45 - 2014-05-27 16:15 - 00000000 ____D () C:\Users\*****\AppData\Roaming\FileZilla
2014-10-19 21:44 - 2014-07-05 19:18 - 00000000 ____D () C:\Users\*****\Desktop\Website_Affiliate_Infoakademie
2014-10-17 17:01 - 2013-07-13 22:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-17 16:57 - 2006-11-02 11:24 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-10-04 11:56 - 2013-10-20 18:07 - 00007087 _____ () C:\Windows\setupact.log

Some content of TEMP:
====================
C:\Users\*****\AppData\Local\Temp\expertpdf_v4_softonic_deu.exe
C:\Users\*****\AppData\Local\Temp\Quarantine.exe
C:\Users\*****\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-02 00:58

==================== End Of Log ============================
         

 
